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A Objective and recommendation 


1.1. This report gives the Committee assurance on the ICO’s 
compliance with Government’s functional standards. The 
Committee is recommended to note the report. 


2. History and dependencies 


2.1. This work will form part of our ongoing compliance and assurance 
monitoring going forward, as presented to the Committee earlier 
this year. 


Developing a common understanding 


3.1. The functional standards exist to create a coherent, effective and 
mutually understood way of doing business within government 
organisations and across organisational boundaries, and to provide 
a stable basis for assurance, risk management and capability 
improvement. They support value for money for the taxpayer, and 
continuity of implementation. These standards are mandated for 
use across central government, and may also be adopted by other 
public sector organisations. There are 14 functional standards 
(details provided below). 


3.2. HMT have requested that stated that all central government 
departments and their arm’s length bodies should have a plan in 
place by end of March 2022 to comply with each relevant 
functional standard in a way that meets its business plans and 
priorities. Use of the standards should be embedded into each 
organisation’s business plans for 2022/23 onwards. This is the first 
time the ICO has been requested to assess its compliance with the 
standards. 


3.3. DCMS requested that their ALBs provide an initial assessment of 
how far they comply with functional standards by 9 December 
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4.2. 


4.3. 


2021. To do this, the relevant ICO teams have assessed current 
compliance with the standards and whether we will fully comply by 
March 2023. In some areas, further consideration needs to be 
given to our target operating model (“good”, “better” or “best) as 
new Directors and heads of department develop their plans. The 
information from this return was used to develop this report. We 
have not yet received any response from DCMS on this return. 


Matters to consider to achieve objective 


The table on the following page sets out each of the functional 
standards and the current assessment of how far we comply with 
them. The title of each standard contains a link to the standard 
itself. We still need to conduct the assessment against the counter- 
fraud standard. 


The table demonstrates that we are in a good position to achieve 
all of the standards by the end of March 2023. The Planning and 
Performance Team are working with the Directors, to ensure that 
any actions that are required to comply with the standards are 
included in Directorate business plans in 2022/23. Comments on 
the extent of our compliance with the standards, and the plans in 
place to ensure that we achieve them all, will be included in the 
Annual Report and Financial Statements. 


It appears that the areas which require most attention are likely to 
be those related to Finance and those related to IT, as in both 
those areas further analysis is needed of the frameworks to fully 
assess compliance. In relation to the Finance standards, Angela 
Donaldson will be fully assessing compliance with the frameworks 
during January and February as the new Finance target operating 
model is developed. With that in mind, the Risk and Governance 
Board will be receiving reports during early 2022 on the plans to 
achieve those. 
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Standard Current Assessment Current Target level of | Owner 
maturity level | operating 
model 
GovS 001: government We currently meet all Better Better Louise Byers 
functions requirements. 
GovS 002: Project Will look to meet all Developing TBC Jen Green and 
Delivery requirements through Emma Deen 
business planning and 
prioritisation in 
2022/23. 
GovS 003: Human Will work towards all Developing TBC Sarah Lal 
Resources requirements through 
business planning and 
prioritisation in 
2022/23; 
GovS 004: Property Will work towards all Developing Not set Angela Donaldson 
requirements through 
business planning and 
prioritisation in 
2022/23. 
GovS 005: Digital, Data | Will work towards all Developing. Not set Mike Fitzgerald 


and Technology 


requirements through 
business planning and 
prioritisation in 
2022/23. 


However, further 
work is required 
to review all the 
standards to 
ensure a 
comprehensive 
assessment is 
made. 
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Standard Current Assessment Current Target level of | Owner 
maturity level | operating 
model 
GovsS 006: Finance Will work towards all Developing. TBC Angela Donaldson 
requirements through However, further 
business planning and | work is required 
prioritisation in to review all the 
2022/23. standards to 
ensure a 
comprehensive 
assessment is 
made. 
GovS 007: Security Will work towards all Unknown, as Unknown Mike Fitzgerald 
requirements through many of the 
business planning and | underpinning 
prioritisation in standards are 
2022/23. not available. 
GovS 008: Commercial Will work towards all Developing. TBC Angela Donaldson 
and Commercial requirements through However, further 
Continuous Improvement | business planning and | work is required 
Assessment Framework | prioritisation in to review all the 
2022/23. standards to 
ensure a 
comprehensive 
assessment is 
made. 
GovS 009: Internal Audit | Will meet all Good Good Mazars (via Corp 


requirements by March 
2022. 


Governance) 
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Standard Current Assessment Current Target level of | Owner 
maturity level | operating 
model 
GovS 010: Analysis Will meet all Developing TBC (this Melissa Mathieson 
requirements by March standard only 
2022. applies to the 
ICO in a limited 
degree) 
Govs 011; Will meet all Good TBC Ange Balakrishnan 
Communication requirements by March 
2022. 
GovS 013: Counter Will work towards all Developing. TBC Angela Donaldson 
Fraud requirements through However, further 
business planning and | work is required 
prioritisation in to review all the 
2022/23. standards to 
ensure a 
comprehensive 
assessment is 
made. 
GovS 014: Debt We currently meet all Developing Unknown Angela Donaldson 
requirements. 
GovS 015: Grants We currently meet all Good Better Stephen Almond 


requirements. 
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4.4. 


The new Compliance and Assurance Manager with the Corporate 
Governance Team (to be recruited in early 2022) will work with 
those Directors to assist them, where appropriate, in delivering the 
actions to achieve the standards, where they are relevant to the 
work of the ICO. The Compliance and Assurance Manager will also 
develop and deliver a work programme of compliance actions to 
ensure that there is sufficient assurance that we continue to 
comply with the standards. This will be delivered alongside their 
work to develop and deliver the assurance map. 


Areas for challenge 


Does the assessment of our level of compliance with the standards 
appear to be appropriate? 


Communications considerations 


There is no need for broader communication of this work at this 
stage. 


Next steps 
The next steps for this work are: 


e Ensure that plans to comply with the standards are included in 
relevant Directorate business plans 


e Deliver actions to comply with standards during 2022/23 


Author: Chris Braithwaite 


Consultees: Louise Byers 


Publication decision: This report can be published internally and 
externally without redactions. 


Outcome reached: 
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